Amber, especially its offline APK, is likely more secure against session hijacking than nsec app. As a native Android app with offline capability, it sidesteps many network-based vulnerabilities. Nsec app, being web-based, is potentially more exposed to session hijacking risks.

I assume basics are being followed like:

- Using HTTPS to encrypt communication and prevent sniffing.
- Implementing proper session management, including secure session ID generation and handling.
- Using additional security measures like IP binding or user agent checking.
- Regularly expiring and regenerating session IDs.

That said, we'd need to hear directly from the devs about specific safeguards. Even then, the only way to know definitively if the implementation is solid is through a successful exploit, or a thorough independent security audit.

Security audits are expensive, and basically everything built on and for Nostr is still in beta. But, as with password managers, security audits are ultimately necessary for greater trust and certainty, especially with everything that gets attached to a user's npub, and to my knowledge neither has undergone or passed such an audit yet.

I personally use Amber for its offline capabilities and potential security advantages. However, always download from trusted sources and stay cautious, especially on shared networks.

nostr:nprofile1qqs827g8dkd07zjvlhh60csytujgd3l9mz7x807xk3fewge7rwlukxgpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qgswaehxw309ahx7um5wghx6mmd9usjfpck

nostr:nprofile1qqsrx4k7vxeev3unrn5ty9qt9w4cxlsgzrqw752mh6fduqjgqs9chhgppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg6waehxw309aex2mrp0yh8x6rfw3nx7unrv5hx7mn99uslkdah

Any input on this would be appreciated. Thank you.
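As an added illustration of the "basics" listed in the post (random session IDs, expiry, rotation, and user-agent binding), here is a small server-side session store. This is example code written for this page; it is not code from Amber, nsec app, or the post's author, and the timeouts, the `SessionStore` API and the `now` clock parameter are assumptions chosen for the example.

```python
"""Minimal server-side session store (added example, not project code).

Shows the session-management basics a web signer would need:
  - IDs from the OS CSPRNG, never from random.random() or a counter
  - idle expiry and periodic rotation of the ID
  - optional binding of the session to the client's User-Agent
  - cookie attributes that keep the ID away from scripts and plain HTTP
"""
import hmac
import secrets
import time
from dataclasses import dataclass

SESSION_TTL_SECONDS = 15 * 60     # assumed idle timeout for the example
ROTATE_AFTER_SECONDS = 5 * 60     # assumed: issue a fresh ID this often


@dataclass
class Session:
    user: str
    user_agent: str
    created: float     # when the current ID was issued
    last_seen: float   # last successful use


class SessionStore:
    def __init__(self, now=time.time):
        self._now = now            # injectable clock so expiry can be tested
        self._sessions: dict[str, Session] = {}

    def create(self, user: str, user_agent: str) -> str:
        """Start a session and return its ID (256 bits, URL-safe)."""
        sid = secrets.token_urlsafe(32)
        t = self._now()
        self._sessions[sid] = Session(user, user_agent, t, t)
        return sid

    def lookup(self, sid: str, user_agent: str):
        """Validate a presented ID.

        Returns (session, new_sid). new_sid is set when the ID was rotated
        and the client must switch to it; (None, None) means rejected.
        """
        s = self._sessions.get(sid)
        if s is None:
            return None, None
        t = self._now()
        if t - s.last_seen > SESSION_TTL_SECONDS:
            del self._sessions[sid]            # idle too long: expire
            return None, None
        if not hmac.compare_digest(s.user_agent, user_agent):
            del self._sessions[sid]            # UA changed: treat as hijack attempt
            return None, None
        s.last_seen = t
        if t - s.created > ROTATE_AFTER_SECONDS:
            return s, self.rotate(sid)         # old ID stops working immediately
        return s, None

    def rotate(self, sid: str) -> str:
        """Replace the ID for an existing session (also call this on login)."""
        s = self._sessions.pop(sid)
        new_sid = secrets.token_urlsafe(32)
        s.created = self._now()
        self._sessions[new_sid] = s
        return new_sid

    def destroy(self, sid: str) -> None:
        self._sessions.pop(sid, None)


def cookie_header(sid: str) -> str:
    """Set-Cookie value: not readable by JS, HTTPS-only, not sent cross-site."""
    return f"session={sid}; HttpOnly; Secure; SameSite=Strict; Path=/"


if __name__ == "__main__":
    store = SessionStore()
    sid = store.create("alice", "Mozilla/5.0 (constructed UA)")
    print(cookie_header(sid))
    print(store.lookup(sid, "Mozilla/5.0 (constructed UA)")[0])
    print(store.lookup(sid, "curl/8.0"))      # UA mismatch -> (None, None)
```

Two caveats a reviewer would raise on the last two bullets of the post: user-agent and IP binding are cheap to add but weak, since a phishing page or malicious script in the same browser sends the same User-Agent, and mobile clients change IPs constantly, so IP binding mostly produces spurious logouts. Rotation and short idle timeouts limit how long a stolen ID is useful; the `HttpOnly`/`Secure`/`SameSite` attributes shown in `cookie_header` are what stop the ID from being read by injected script or sent over plain HTTP in the first place.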